Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/F7CFuV7-4e4QE7j7mAr74wBaKy4.roa
File: F7CFuV7-4e4QE7j7mAr74wBaKy4.roa (raw, json)
Hash identifier: bcoB3eQu6kvcf/IxxelNd926P0eLXXup/DYgVzpWI94=
Subject key identifier: 17:B0:85:B9:5E:FE:E1:EE:10:13:B8:FB:98:0A:FB:E3:00:5A:2B:2E
Certificate issuer: /CN=474a88bc6e9e10bbaf150f019bbf8a615a2b03c2
Certificate serial: 01856E0AFFB62B06928B445E2E7F169D328E
Authority key identifier: 47:4A:88:BC:6E:9E:10:BB:AF:15:0F:01:9B:BF:8A:61:5A:2B:03:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R0qIvG6eELuvFQ8Bm7-KYVorA8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/F7CFuV7-4e4QE7j7mAr74wBaKy4.roa
Signing time: Sun 01 Jan 2023 15:54:52 +0000
ROA not before: Sun 01 Jan 2023 15:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6908
IP address blocks: 217.61.176.0/20 maxlen: 20
217.61.180.0/22 maxlen: 24
217.61.184.0/22 maxlen: 24
91.135.224.0/20 maxlen: 20
78.41.152.0/21 maxlen: 21
62.149.32.0/19 maxlen: 19
62.149.48.0/20 maxlen: 20
185.120.152.0/22 maxlen: 22
94.247.96.0/21 maxlen: 21
217.20.16.0/20 maxlen: 20
185.109.92.0/22 maxlen: 22
185.122.232.0/22 maxlen: 22
5.102.184.0/21 maxlen: 21
46.252.64.0/20 maxlen: 20
185.119.68.0/22 maxlen: 22
158.58.160.0/21 maxlen: 21
91.151.208.0/20 maxlen: 20
80.79.128.0/20 maxlen: 20
80.79.128.0/21 maxlen: 21
91.199.24.0/24 maxlen: 24
80.79.136.0/21 maxlen: 21
217.10.128.0/19 maxlen: 19
195.72.128.0/22 maxlen: 22
85.92.192.0/19 maxlen: 19
77.75.232.0/23 maxlen: 23
109.239.80.0/20 maxlen: 20
185.64.160.0/22 maxlen: 22
217.169.32.0/19 maxlen: 19
185.121.248.0/22 maxlen: 22
109.71.120.0/21 maxlen: 21
213.133.128.0/19 maxlen: 19
82.147.0.0/19 maxlen: 19
95.131.216.0/21 maxlen: 21
2001:1b90::/32 maxlen: 32
2a03:14e0::/32 maxlen: 32
2a01:450::/32 maxlen: 32
2a02:2458::/32 maxlen: 32
2a03:6a00::/29 maxlen: 29
2a02:298::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:ff:b6:2b:06:92:8b:44:5e:2e:7f:16:9d:32:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=474a88bc6e9e10bbaf150f019bbf8a615a2b03c2
Validity
Not Before: Jan 1 15:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17b085b95efee1ee1013b8fb980afbe3005a2b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2c:d5:41:2b:74:87:2d:7d:0c:48:ca:8b:e9:
84:3a:99:3d:04:b8:8b:f6:35:1e:f2:9d:72:fc:b1:
9b:de:88:eb:43:87:06:20:2f:0e:35:f6:2d:df:db:
9c:2d:ef:ce:36:87:7e:e1:97:ff:5a:40:c3:ac:87:
ad:bc:20:3f:9c:68:53:c3:ca:be:15:7a:64:98:ab:
d6:7d:27:b6:19:98:e6:fc:e2:5d:bf:a4:6c:0f:66:
ba:10:5f:77:93:f1:1c:59:ab:99:dc:5f:aa:11:8f:
1a:54:ab:cc:70:a8:aa:a6:8d:03:2f:ab:6f:38:1b:
5c:a0:23:ae:8d:c7:fa:3e:fa:a3:d6:b5:7e:fe:50:
35:1b:a1:da:66:32:7a:e9:f5:84:f6:21:0c:80:98:
87:e8:4f:20:5e:d9:0b:aa:06:73:95:d8:73:b2:b5:
65:c0:43:67:89:5f:c7:32:74:10:67:5a:71:7a:3c:
be:06:20:fd:fe:a0:bd:fd:c0:c1:39:74:4c:69:0b:
ab:73:0c:3f:90:81:9f:5f:fe:22:7f:86:88:2f:72:
a0:45:85:99:29:b2:17:da:c6:1c:8e:8a:b8:74:ef:
97:9d:d7:d1:ca:f1:16:1f:d0:7e:1b:94:af:61:42:
51:6b:f2:a7:21:76:62:2e:de:17:cc:aa:c4:32:45:
36:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B0:85:B9:5E:FE:E1:EE:10:13:B8:FB:98:0A:FB:E3:00:5A:2B:2E
X509v3 Authority Key Identifier:
keyid:47:4A:88:BC:6E:9E:10:BB:AF:15:0F:01:9B:BF:8A:61:5A:2B:03:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0qIvG6eELuvFQ8Bm7-KYVorA8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/F7CFuV7-4e4QE7j7mAr74wBaKy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/R0qIvG6eELuvFQ8Bm7-KYVorA8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.184.0/21
46.252.64.0/20
62.149.32.0/19
77.75.232.0/23
78.41.152.0/21
80.79.128.0/20
82.147.0.0/19
85.92.192.0/19
91.135.224.0/20
91.151.208.0/20
91.199.24.0/24
94.247.96.0/21
95.131.216.0/21
109.71.120.0/21
109.239.80.0/20
158.58.160.0/21
185.64.160.0/22
185.109.92.0/22
185.119.68.0/22
185.120.152.0/22
185.121.248.0/22
185.122.232.0/22
195.72.128.0/22
213.133.128.0/19
217.10.128.0/19
217.20.16.0/20
217.61.176.0/20
217.169.32.0/19
IPv6:
2001:1b90::/32
2a01:450::/32
2a02:298::/32
2a02:2458::/32
2a03:14e0::/32
2a03:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
c9:c9:2c:16:71:4f:57:33:a6:24:1b:d0:f0:ca:aa:34:16:63:
4e:38:72:c3:6b:8c:c8:5c:22:b1:eb:38:6a:94:8a:8d:5b:0b:
b5:e8:ea:71:db:bb:68:de:39:83:b0:79:10:9a:de:a7:51:39:
af:70:aa:88:87:f1:7f:95:01:d5:b7:88:17:7b:c3:1b:e8:7e:
ed:7a:18:9f:43:a5:ad:42:a5:54:87:3e:d3:f6:fb:ae:e6:2f:
b6:d1:78:06:c0:07:6a:50:93:bf:2f:51:70:77:2f:7b:45:6d:
fb:14:76:02:6e:ec:57:9c:19:22:75:f0:ae:fb:63:a0:b3:5e:
e7:e4:2d:9b:f4:44:d2:f7:9c:26:2f:54:ac:dd:09:db:78:c7:
c4:11:9b:c2:4d:42:2e:27:5e:11:54:7d:d2:71:79:c1:31:55:
92:d5:4b:a3:27:4e:da:ef:69:24:3b:34:0e:70:b5:93:d7:ab:
5a:0a:00:8f:19:a4:52:5e:06:6e:05:c2:f4:e8:3d:82:f2:2d:
07:b0:bf:c6:91:84:44:64:a9:5c:42:eb:46:d9:31:27:d4:0b:
71:9d:cd:52:dc:95:c2:4d:ca:4f:be:5a:b9:02:fb:ff:7e:6a:
cd:27:c2:63:b9:f8:1f:55:78:d0:b5:96:ac:73:7d:d3:c4:d1:
b0:65:91:73
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYVuCv+2KwaSi0ReLn8WnTKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NGE4OGJjNmU5ZTEwYmJhZjE1MGYwMTliYmY4YTYxNWEy
YjAzYzIwHhcNMjMwMTAxMTU1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2IwODViOTVlZmVlMWVlMTAxM2I4ZmI5ODBhZmJlMzAwNWEyYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyzVQSt0hy19DEjKi+mEOpk9BLiL
9jUe8p1y/LGb3ojrQ4cGIC8ONfYt39ucLe/ONod+4Zf/WkDDrIetvCA/nGhTw8q+
FXpkmKvWfSe2GZjm/OJdv6RsD2a6EF93k/EcWauZ3F+qEY8aVKvMcKiqpo0DL6tv
OBtcoCOujcf6Pvqj1rV+/lA1G6HaZjJ66fWE9iEMgJiH6E8gXtkLqgZzldhzsrVl
wENniV/HMnQQZ1pxejy+BiD9/qC9/cDBOXRMaQurcww/kIGfX/4if4aIL3KgRYWZ
KbIX2sYcjoq4dO+XndfRyvEWH9B+G5SvYUJRa/KnIXZiLt4XzKrEMkU2ewIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFBewhble/uHuEBO4+5gK++MAWisuMB8GA1UdIwQY
MBaAFEdKiLxunhC7rxUPAZu/imFaKwPCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBxSXZHNmVFTHV2RlE4Qm03LUtZVm9yQThJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iYWQxYzEtMzY1ZC00MWRlLWFkN2Mt
Y2U4ZmM5M2FkYjIxLzEvRjdDRnVWNy00ZTRRRTdqN21Bcjc0d0JhS3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iYWQxYzEtMzY1ZC00MWRlLWFkN2MtY2U4ZmM5M2FkYjIx
LzEvUjBxSXZHNmVFTHV2RlE4Qm03LUtZVm9yQThJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBrwQCAAEwgagDBAMF
ZrgDBAQu/EADBAU+lSADBAFNS+gDBANOKZgDBARQT4ADBAVSkwADBAVVXMADBARb
h+ADBARbl9ADBABbxxgDBANe92ADBANfg9gDBANtR3gDBARt71ADBAOeOqADBAK5
QKADBAK5bVwDBAK5d0QDBAK5eJgDBAK5efgDBAK5eugDBALDSIADBAXVhYADBAXZ
CoADBATZFBADBATZPbADBAXZqSAwMAQCAAIwKgMFACABG5ADBQAqAQRQAwUAKgIC
mAMFACoCJFgDBQAqAxTgAwUDKgNqADANBgkqhkiG9w0BAQsFAAOCAQEAycksFnFP
VzOmJBvQ8MqqNBZjTjhyw2uMyFwises4apSKjVsLtejqcdu7aN45g7B5EJrep1E5
r3CqiIfxf5UB1beIF3vDG+h+7XoYn0OlrUKlVIc+0/b7ruYvttF4BsAHalCTvy9R
cHcve0Vt+xR2Am7sV5wZInXwrvtjoLNe5+Qtm/RE0vecJi9UrN0J23jHxBGbwk1C
LideEVR90nF5wTFVktVLoydO2u9pJDs0DnC1k9erWgoAjxmkUl4GbgXC9Og9gvIt
B7C/xpGERGSpXELrRtkxJ9QLcZ3NUtyVwk3KT75auQL7/35qzSfCY7n4H1V40LWW
rHN908TRsGWRcw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:30 2024 by rpki-client on console-ams.rpki-client.org